About the security content of QuickTime 7.3

This document describes the security content of QuickTime 7.3, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

QuickTime 7.3

Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

Description: A memory corruption issue exists in QuickTime's handling of image description atoms. By enticing a user to open a maliciously crafted movie file, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of QuickTime image descriptions. Credit to Dylan Ashe of Adobe Systems Incorporated for reporting this issue.

Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

Description: A heap buffer overflow exists in QuickTime Player's handling of Sample Table Sample Descriptor (STSD) atoms. By enticing a user to open a maliciously crafted movie file, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of STSD atoms. Credit to Tobias Klein of www.trapkit.de for reporting this issue.

Description: Multiple vulnerabilities exist in QuickTime for Java, which may allow untrusted Java applets to obtain elevated privileges. By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker may cause the disclosure of sensitive information and arbitrary code execution with elevated privileges. This update addresses the issues by making QuickTime for Java no longer accessible to untrusted Java applets. Credit to Adam Gowdiak for reporting this issue.

Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution

Description: A stack buffer overflow exists in PICT image processing. By enticing a user to open a maliciously crafted image, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT files. Credit to Ruben Santamarta of reversemode.com working with TippingPoint and the Zero Day Initiative for reporting this issue.

Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution

Description: A heap buffer overflow exists in PICT image processing. By enticing a user to open a maliciously crafted image, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT files. Credit to Ruben Santamarta of reversemode.com working with TippingPoint and the Zero Day Initiative for reporting this issue.

Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

Description: A heap buffer overflow exists in the parsing of the color table atom when opening a movie file. By enticing a user to open a maliciously crafted movie file, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of color table atoms. Credit to Ruben Santamarta of reversemode.com and Mario Ballano of 48bits.com working with TippingPoint and the Zero Day Initiative for reporting this issue.

Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution.

Description: An integer arithmetic issue in QuickTime's handling of certain movie file atoms may lead to a stack buffer overflow. By enticing a user to open a maliciously crafted movie file, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of atom length fields in movie files. Credit to Cody Pierce of TippingPoint DVLabs for reporting this issue.

Important: Information about products not manufactured by Apple is provided for information purposes only and does not constitute Apple’s recommendation or endorsement. Please contact the vendor for additional information.